SUSE CVE-2024-8185

Vault Community and Vault Enterprise “Vault” clusters using Vault's Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

Remote Code Execution (RCE)

org.apache.hugegraph, hg-pd-core is vulnerable to a Remote Code Execution. The vulnerability is due to insecure Hessian deserialization in the Raft cluster membership logic, where a malicious Raft node can send crafted objects that bypass type safety and trigger unsafe deserialization and attacke...

EUVD-2024-3041

Malicious code in bioql PyPI...

Denial Of Service (DoS)

github.com/hashicorp/vault is vulnerable to Denial Of Service DoS. The vulnerability is due to the Raft cluster join API endpoint, which allows an attacker to send a large volume of requests, leading to excessive memory consumption...

CVE-2024-8185

A flaw was found in HashiCorp Vault. Clusters using Vault’s Integrated Storage backend are vulnerable to a denial of service DoS attack through memory exhaustion through a Raft cluster join API endpoint. This flaw allows an attacker to send a large volume of requests to the endpoint, which may...

GHSA-G233-2P4R-3Q7V Hashicorp Vault vulnerable to denial of service through memory exhaustion

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint. An attacker may send a large volume of requests to the endpoint which may cause Vault...

CVE-2024-8185

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

CVE-2024-8185

CVE-2024-8185 affects Vault Community/Enterprise when using Integrated Storage with Raft; memory exhaustion via the cluster-join API can lead to DoS or Vault process crash. Likely impact is loss of service due to memory pressure. Fixes are available: Vault Community 1.18.1 and Vault Enterprise 1....

CVE-2024-8185 Vault Vulnerable to Denial of Service When Processing Raft Join Requests

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

CVE-2024-8185 Vault Vulnerable to Denial of Service When Processing Raft Join Requests

Vault Community and Vault Enterprise “Vault” clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service DoS attack through memory exhaustion through a Raft cluster join API endpoint . An attacker may send a large volume of requests to the endpoint which may cause Vaul...

PT-2024-7644

Name of the Vulnerable Software and Affected Versions Vault Community versions prior to 1.18.1 Vault Enterprise versions prior to 1.18.1, 1.17.8, and 1.16.12 Description The issue is related to the Raft Consensus Algorithm in the Integrated Storage of HashiCorp Vault and Vault Enterprise, which c...